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1. This action is responsive to the amendment and remarks filed on March 13, 2006. 

2. A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 .17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1 .17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on 3/13/06 has been entered. 

3. Claims 1-34 are presented for examination. 

4. The text of those sections of Title 35, U.S. code not included in this office action can be 
found in a prior office action. 

Claim Rejections - 35 USC 112 



5. Claims 1-18 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

a. Claim language in the following claims is not clearly understood: 
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i. As per claim 1, lines 1 1-14, it is unclear how an access request signal can 
be forwarded by a terminal when the access request signal is already sent by the 
terminal in lines 7-10. [i.e., are they describing the same step?]. 

Claim Rejections - 35 USC 103 

6. Claims 1-34 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kalke, U.S. 
Patent Application Publication 2004/0137890 (hereinafter Kalke) in view of Martin, JR. et al, 
U.S. Patent Application Publication 2003/0023849 (hereinafter Martin, JR.). 

7. Kalke and Martin, JR. were cited in the last office action. 

8. As per claims 1 and 33, Kalke taught the invention substantially as claimed by which a 
terminal (10) (122, fig. 1), enabled for handling data-protocol services, is dynamically 
configured for the data-protocol services specific to a service provider (page 4, paragraph 60) so 
as to be able to connect said terminal (10) to an IP backbone network via a network (16) (page 4, 
paragraphs 70-71), which provides said data-protocol services and which is provided by said 
service provider (page 7, paragraph 1 14), comprising the steps of: 

sending (42, 42a) an access-request signal (30, 30a) (page 5, paragraph 84) to the 
network (16) by the terminal (10) for connecting to a help-portal server (24, 24a) of said network 
(16) (fig. 8, page 5, paragraphs 79 and 84) and for requesting a provisioning signal (38) or a 
management session signal (38a) for configuring the terminal (10) (page 4, paragraph 65); and 
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forwarding (52, 52a) the access-request signal (30, 30a) to the help-portal server (24, 24a) 
by the terminal (10) using a well-known uniform resource locator (URL) for said help-portal 
server (URL for GGSN) (page 5, paragraphs 85-86) (Note that DNS query must include URL of 
the GGSN in order for the DNS to lookup corresponding IP addresses) and a trusted access point 
node (20, 20a) (e.g. APN) in order to provide the provisioning signal (38) or the management 
session signal (38a) to the terminal (10) (page 5, paragraphs 83-90; page 6, paragraph 106; page 
9, paragraph 149), wherein said help-portal server is identified to said terminal by the network 
using said chain of trust comprising consecutive exchange of information between the network 
and the terminal (1051, 1056, 1058, fig. 10) (i.e., consecutive exchange between network 
(SGSN, APN DNS, GGSN, WAP Gateway) and the terminal (MS)). 

9. Kalke did not specifically teach provisioning in a secure way based on a chain of trust. 
Martin, JR. taught a similar invention for provisioning in a trusted (i.e. "secure") environment 
based on a chain of trust (page 2, paragraphs 18-20). 

10. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. because Martin, JR's 
teaching of provisioning in a trusted environment would increase the security in Kalke 5 s system 
by providing the ability to control provisioning to mobile devices to prevent unauthorized 
provisioning (page 1, paragraph 3). 

11. As per claim 19, Kalke taught the invention substantially as claimed comprising: 
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a terminal (10) (122, fig. 1), enabled for handling data-protocol services and dynamically 
configured for the data-protocol services specific to a service provider (page 4, paragraph 60), 
responsive to a provisioning signal (38) or to a management session signal (38a) for configuring 
the terminal (10) (page 4, paragraph 70), for providing an access-request signal (30, 30a) (page 
5, paragraph 84); and 

a network (16) provided by said service provider (page 7, paragraph 1 14), responsive to 
the access-request signal (30, 30a) (page 5, paragraph 84), for providing the data-protocol 
services specific to a service provider (page 4, paragraph 70), for forwarding the access-request 
signal (30, 30a) to a help-portal server (24, 24a) using a well-known uniform resource locator 
(URL) for said help-portal server (URL for GGSN) (page 5, paragraphs 85-86) (Note that DNS 
query must include URL of the GGSN in order for the DNS to lookup corresponding IP 
addresses) and a well-known access point node name (APN), for providing the provisioning 
signal (38) or the management session signal (38a) to the terminal (10) to perform said 
configuring (page 5, paragraphs 83-90; page 6, paragraph 106; page 9, paragraph 149) and for 
enabling after said configuring a connection of said terminal (10) to an IP backbone network via 
the network (16) (page 6, paragraph 108), wherein said help-portal server is identified to said 
terminal by the network using said chain of trust comprising consecutive exchange of 
information between the network and the terminal (1051, 1056, 1058, fig. 10) (i.e., consecutive 
exchange between network (SGSN, APN DNS, GGSN, WAP Gateway) and the terminal (MS)). 
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12. Kalke did not specifically teach provisioning in a secure way based on a chain of trust. 
Martin, JR. taught a similar invention for provisioning in a trusted (i.e. "secure") environment 
based on a chain of trust (page 2, paragraphs 18-20). 

13. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. because Martin, JR's 
teaching of provisioning in a trusted environment would increase the security in Kalke' s system 
by providing the ability to control provisioning to mobile devices to prevent unauthorized 
provisioning (page 1, paragraph 3). 

14. As per claim 34, Kalke taught the invention substantially as claimed for a terminal (122, 
fig. 1), enabled for handling data-protocol services or being dynamically configured by a 
network (16) for said data-protocol services specific to a service provider (page 4, paragraph 60), 
comprising: 

means for sending an access signal (30, 30a) to the network (16) (page 5, paragraph 84), 
said access signal comprising a well-known uniform resource locator (URL) for said help-portal 
server (URL for GGSN) (page 5, paragraphs 85-86) (Note that DNS query must include URL of 
the GGSN in order for the DNS to lookup corresponding IP addresses); means for forwarding 
said access signal (30, 30a) to a trusted access point node (20, 20a) optionally identified to the 
terminal (10) by a trusted home location register (HLR) (18, 18a) (page 5, paragraph 84; page 9, 
paragraph 149); means for forwarding said access signal (30, 30a) to a trusted domain name 
service (DNS) server (22, 22a) identified to the terminal (10) by said trusted access point node 
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(20, 20a) (page 5, paragraphs 86 and 90); and means for forwarding said access signal (30, 30a) 
to a help-portal server (24, 24a) using an address mapping for said help-portal server (24, 24a) 
identified to the terminal (10) by said trusted domain name service (DNS) server (22, 22a) (page 
5, paragraphs 79-80, 86, 90, 95). 

15. Kalke did not specifically teach provisioning in a secure way based on a chain of trust. 
Martin, JR. taught a similar invention for provisioning in a trusted (i.e. "secure") environment 
based on a chain of trust (page 2, paragraphs 18-20). 

16. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. because Martin, JR.'s 
teaching of provisioning in a trusted environment would increase the security in Kalke' s system 
by providing the ability to control provisioning to mobile devices to prevent unauthorized 
provisioning (page 1, paragraph 3). 

17. As per claims 2 and 21, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 and 19 above. Kalke further taught wherein said data-protocol services 
specific to said service provider are provided by a general packet radio service (page 9, 
paragraph 149). 
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18. As per claim 3, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 1 above. Kalke further taught wherein the access-request signal (30, 30a) is sent by a 
browser user agent block (12) of the terminal (10) (page 4, paragraphs 61-62). 

19. As per claims 4 and 20, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 and 19 above. Kalke further taught wherein the well-known uniform 
resource locator (URL) is allowed by an access control profile of the terminal (10) (page 6, 
paragraph 106). 

20. As per claim 5, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 1 above. Kalke further taught comprising sending (58, 58a) the provisioning signal (38) or 
the management session signal (38a) to the terminal (10) for configuring the terminal (10) (page 
4, paragraph 70). 

21 . As per claims 6 and 30, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 5 and 19 above. Kalke further taught wherein the provisioning signal (38) is 
sent over an IP bearer or sent using a short message service (SMS) protocol (fig. 12) (i.e. WAP 
gateway 1244 connected to the portal 252 as IP bearer). 

22. As per claims 7 and 3 1 , Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 6 and 30 above. Kalke further taught wherein said provisioning signal (38) is 



Application/Control Number: 10/757,560 Page 9 

Art Unit: 2152 

sent over the IP bearer using a hypertext transfer protocol (HTTP) or a hypertext transfer 
protocol secure (HTTPS) (page 4, paragraph 62). 

23. As per claims 8 and 32, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 6 and 30 above. Kalke further taught wherein said provisioning signal (38) is 
sent over the air (OTA) (page 6, paragraph 110). 

24. As per claims 9 and 23, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 and 19 above. Kalke further taught comprising the steps of: 

identifying (46, 46a) to the terminal (10) the trusted access point node name by a trusted 
home location register (HLR) (18, 18a) of the network (16) (page 6, paragraph 106); 

forwarding (47, 47a) the access-request signal (30, 30a) to the trusted access point node 
(20, 20a) by the terminal (10) (page 5, paragraph 84; page 9, paragraph 149); 

identifying (48, 48a) to the terminal (10) a trusted domain name service server (22) of 
the network (16) by the trusted access point node (20, 20a) (page 5, paragraph 84; page 9, 
paragraph 149); 

forwarding (50, 50a) said access-request signal (30, 30a) by the terminal (10) to the 
trusted domain name service (DNS) server (22, 22a) for identifying an address mapping for the 
help-portal server (24, 24a) (page 5, paragraphs 85-86 and 90); and 

identifying (51,51a) said address mapping to the terminal (10) by the trusted domain 
name service server (22, 22a) (page 5, paragraph 89). 
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25. As per claims 10 and 24, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 9 and 23 above. Kalke further taught wherein a security of configuring the 
terminal (10) is ensured by means of the chain of trust built by the trusted home location register 
(18, 18a) (1 132, fig. 1 1), by the well-known access point node name for accessing the trusted 
access point node (20) (page 5, paragraph 87), by the trusted access point node (20, 20a) (page 5, 
paragraph 86) (i.e. GGSN that handles the specific APN), by the trusted domain name service 
server (22, 22a) (1024, fig. 10) and by the well-known uniform resource locator (page 5, 
paragraphs 85-86) (Note that it is inherent that DNS query must included a URL in order for the 
DNS to retrieve a list of IP addresses). 

26. As per claim 1 1, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 1 above. Kalke further taught wherein after the step of forwarding (52, 52a) the access- 
request signal (30, 30a) to the help-portal server (24, 24a), the method further comprises the 
steps of: sending (52, 52a) a user authentication request signal (32a, 32b) to an authentication 
block (26) of the network (16) or to the terminal (10) or to both, the authentication block (26) 
and the terminal (10), respectively, by the help-portal server (24, 24a), and a receiving 
authentication confirmation signal (34a or 34b) back from the authentication block (26) or from 
the terminal (10), respectively, or from both, the authentication block (26) and the terminal (10) 
(page 14, paragraphs 226 and 228); and 

determining if the terminal (10) is authentic by the help-portal server (24, 24a) based on 
the authentication confirmation signals (34a or 34b) (page 14, paragraph 227). 
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27. As per claims 12 and 25, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 1 and 23 above. Kalke further taught wherein said access-request signal (30) 
contains user identification information (e.g. MSISDN), a generic uniform resource locator 
(URL) request for the help-portal server (24) (page 5, paragraphs 85-86) (Note that it is inherent 
that DNS query must included a URL in order for the DNS to retrieve a list of IP addresses), and 
a well-known access point node (APN) name for accessing the trusted access point node (20) or 
a wildcard access point node (APN) (page 5, paragraph 87). 

28. As per claims 13 and 26, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 12 and 25 above. Kalke further taught comprises the steps of: 

sending (56) a triggering signal (36) (e.g. request) to a provisioning server (28) by the 
help-portal server (24) (page 4, paragraph 66; fig. 8); and (Since the wireless device access the 
provisioning server 852 via portal server, thus the request must be forward to the provisioning 
server by the portal server) 

sending (58) a provisioning signal (38) by the provisioning server (28) to the terminal 
(10) and so configuring said terminal (10) (page 4, paragraph 70). 

29. As per claims 14 and 27, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 1 and 23 above. Kalke further taught wherein said access-request signal 
(30a) contains user identification information (e.g. MSISDN), a generic uniform resource locator 
(URL) request for the help-portal server (24a) (page 5, paragraphs 85-86) (Note that it is inherent 
that DNS query must included a URL in order for the DNS to retrieve a list of IP addresses) and 
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for a device management server (28a) (e.g. PDP address), a well-known access point node name 
for accessing the trusted access point node (20a) or a wildcard access point node (APN) (e.g. 
APN) (page 5, paragraph 87). 

30. As per claim 28, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 27 above. Kalke further taught wherein the network (16) further comprises: a device 
management server (28a) (242, fig. 2), responsive to the access-request signal (30a) (PDP 
Context Request) and to a further access-request signal (37) (subsequent PDP Context Request) 
containing a network access authentication (i.e. responsive to PDP Context Request containing 
MSISDN), for providing the management session signal (38a) to the terminal (10) for 
configuring the terminal (10) (page 4, paragraphs 69-70). 

31. As per claims 1 5 and 29, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 14 and 28 above. Kalke and Martin, JR. further taught comprising the steps 

of: 

sending an initial provisioning triggering signal (27) to a device management server (28a) 
for initial provisioning (see Kalke, page 4, paragraphs 65-66); and 

sending a further triggering signal (33) by the help-portal server (24a) to an initialization 
content handler (15) of the terminal (10), said further triggering signal (33) containing a proxy 
address for connecting to the device management server (see Martin, JR., page 3-4, paragraphs 
29-30). 
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32. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. for the same reason set 
forth in claim 1 above. 

33. Kalke and Martin, JR. did not teach containing a password in the triggering signal. It 
would have been obvious to one having ordinary skill in the art at the time of the invention was 
made to include a password in a triggering signal (e.g. request) in order for a terminal to access 
to a server because by doing so it would avoid unauthorized terminal accessing to a sensitive 
data in the server, thus increase the security of a system. 

34. As per claim 16, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 15 above. Martin, JR. further taught comprising the step of: determining (64) if the further 
triggering signal (33) contains an instruction of making a connection (i.e. for establishing a 
provisioning session) to the device management server (28a) by the terminal (10) (page 3, 
paragraph 29). 

35. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. because Martin, JR.'s 
teaching of determining if a triggering signal contains an instruction of making a connection to 
the device management server would increase the efficiency of Kalke' s system by allowing a 
terminal to receive provisioning directive remotely from a device management server. 
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36. As per claim 17, Kalke and Martin, JR. taught the invention substantially as claimed in 
claim 16 above. Martin, JR. further taught comprises the steps of: 

sending (68) a start signal (35) (i.e. forwarding the SMS provisioning message as a start 
signal) to a device management agent block (17) of the terminal (10) by the initialization content 
handler block (15) (page 4, paragraph 30); 

sending (70) a further access-request signal (37) containing a network access 
authentication to the device development server (28a) by the device management agent block 
(17) (page 4, paragraphs 30-31); and 

sending (58a) the management session signal (38a) by the device development server 
(28a) to the terminal (10) for further configuring the terminal (10) (page 4, paragraph 3 1). 

37. It would have been obvious to one having ordinary skill in the art at the time of the 
invention was made to combine the teachings of Kalke and Martin, JR. because Martin, JR.'s 
teaching of sending signal for further configuring the terminal would increase the efficiency of 
Kalke 5 s system by allowing a terminal to receive provisioning directive remotely from a device 
management server. 

38. As per claims 18 and 22, Kalke and Martin, JR. taught the invention substantially as 
claimed in claims 1 and 19 above. Kalke further taught comprises the step of: starting a browser 
user agent (12) by a starting signal (3 1) from a user (14) (page 8, paragraph 139). (Note that 
Kalke taught activate a device with user interface (i.e. browser user agent), thus it is inherent that 
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a user must present a starting signal to start the user interface (e.g. clicking on an interface icon). 

CONCLUSION 

39. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Blakley III et al, U.S. Patent 7,039,714, disclosed a method of using URL of a portal 

server. 

Soderbacka et al, U.S. Patent Application Publication 2003/01 14158, disclosed a method 
of accessing a content server via an APN, a HLR and a DNS. 

40. A shortened statutory period for reply to this Office action is set to expire THREE 
MONTHS from the mailing date of this action. Any inquiry concerning this communication or 
earlier communications from the examiner should be directed to Philip C Lee whose telephone 
number is (571)272-3967. The examiner can normally be reached on 8 AM TO 5:30 PM 
Monday to Thursday and every other Friday. If attempts to reach the examiner by telephone are 
unsuccessful, the examiner's supervisor, Bunjob Jaroenchonwanit can be reached on (571) 272- 
3913. The fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
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information for unpublished applications is available through Private PAIR only. For more 
information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions 
on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
9197 (toll-free). . 



PL. 




